Suspect who refused to decrypt hard drives released after four years

The contentious case of a man held in custody since 2015 for refusing to decrypt two hard drives appears to have reached a resolution of sorts after the US Court of Appeals ordered his release.

Former Philadelphia police sergeant Francis Rawls was arrested in September 2015, during which the external hard drives were seized along with other computers from his home.

Based on forensic analysis of his download habits and the testimony of his sister, the police believe they contained child abuse imagery but were unable to prove that without access to the drives.

Rawls claimed he did not know or had forgotten the passcodes while his lawyers argued that on principle forcing him to reveal these violated his Fifth Amendment right against self-incrimination.

Ruled in civil contempt of court, in 2017 a second court rejected the Fifth Amendment argument.

Never formally charged with a crime, a lot seems to have hinged on whether Rawls should be treated as a suspect or a witness. If Rawls was considered a witness, the fact that he’s being asked to provide information that could be used against himself, is, in effect, self-incriminating testimony.

From the start, this was an unusual case that will be referenced for years to come, not last by the civil liberties campaigners who took up the case and opposed the Government’s arguments.

The prosecutors said they had ample evidence of Rawls’ alleged downloading of child abuse images but seemed happy to leave him in jail without charge.

Their assumption that he knew the passcode meant that he would surely relent rather than languish in jail indefinitely. And yet, Rawls didn’t relent, perhaps calculating that the courts would eventually take his side in a highly technical argument.

Rawls has now been released on the basis that the detention under civil contempt does not allow prosecutors to hold a witness for longer than 18 months.

But there was always a technical dimension hovering over this case – the hard drives were reportedly encrypted using Apple’s FileVault software.

Although Rawls could have been using any encryption software, Apple’s involvement must have hit a nerve.

The company has been in dispute with the Government over a series of cases, most famously attempts to force Apple to aid access the iPhone of the San Bernardino shooter in 2015. More recently, the iPhone access issue came up again after a shooting at a US Naval base.

The Rawls case is different in that it’s not the company being pursued but the suspect. But it underlines the battle now happening between companies offering encryption which can be used by anyone and a Government keen to head off the inconvenience this creates.

In January it was alleged that Apple has been more cooperative with the Government than it’s yet admitted, rowing back on a plan to extend end-to-end encryption to iCloud backups.

Ultimately, the FBI would like a backdoor only they could use, a move Apple has resisted.

But failing that, there’s always the front door. Rawls seems to have held out against demands for encryption passcodes, but he won’t be the last to be asked.

Latest Naked Security podcast


Click-and-drag on the soundwaves below to skip to any point in the podcast. You can also listen directly on Soundcloud.